4. THE RISE OF MOBILE AND THE CONNECTED SOCIETY

[Chart: Desktop, Laptop and Smartphone, by year 2005 to 2013E; vertical axis 0 to 700. Source data: Morgan Stanley Research]

4 | TRUST THY NEIGHBOR? | JON GEATER, TRUSTONIC | NOVEMBER 12TH, 2013 | CONFIDENTIAL
5. THE RISE OF MOBILE AND THE CONNECTED SOCIETY

[Chart: All PC versus Smartphone, by year 2005 to 2013E; vertical axis 0 to 700. Source data: Morgan Stanley Research]
6. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN

• So why are we talking about Smartphones at an AMD conference?
• What is a mobile device?
7. JUST A FEW YEARS AGO… MOBILE SECURITY

• I was working for an Enterprise Security company making encryption and key management products
• We were asked by a major US bank to help them with the problem they had with information security on mobile devices
• 2 primary device types:
  ‒ Laptops. This one's fairly obvious. But this was easier because of established security vendors and no real notion of BYOD for laptops
  ‒ Tape drives (!). They are very mobile… But a comparatively simple security problem.
8. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN

• We now (try to) do everything on the mobile internet that we used to do by PC, ordinary phone and post
• That blurs the lines between device types: phones, tablets, laptops – truly heterogeneous!
• It forces applications on-line, so the whole information system from chip to cloud needs consistent security
• It also leads to a significant rise in the number of types of information processed on mobile devices
• …and a consequent rise in the value of that information
11. WHAT IS RISK?

Risk = probability x severity

12. WHAT IS RISK?

Risk = time x remediation

13. WHAT IS RISK?

Risk = likelihood x cost

14. WHAT IS RISK?

How much should I care about this? When will it happen? What's the impact if it does?

Risk = likelihood x cost
15. WHAT IS SECURITY? A Venn diagram

[Venn diagram: SECURE / NOT SECURE]

16. WHAT IS SECURITY? A Venn diagram

[Venn diagram: SECURE?]

17. WHAT IS SECURITY?

Security Is Contextual
18. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN

[Image: competing demands on one platform: "MY CONTROL!", "NO, MINE!", "Privacy please", "CLOSED!", "OPEN!"]

• Things are much more complicated now
• The different use cases present a set of conflicting use cases that a single extant platform has to satisfy
• And that's before the user gets involved
• Multi-tenancy on a consumer device lacks some of the more powerful approaches available to server applications
• There are also more threats now
  ‒ Professionalized malware
  ‒ Threats always follow the money
20. START TRUSTED: HARDWARE ROOTS OF TRUST

• So how does security enable trust?
• We typically define fundamental security building blocks as "Roots of Trust"
• To be effective the RoT has to be rooted in hardware
  ‒ Otherwise there are too many ways to remove it, and nothing to check back against
  ‒ "Trust, but verify"
• Not just a key: includes the mechanisms, code etc
  ‒ NIST guidelines
• Secure boot mechanisms (including UEFI) are based on roots of trust
• Scaling problem – not everyone can own a direct root! So the platform has to provide the main one

[Diagram: App, App, App above the Operating System; Protected Storage and Isolation; RoT for Integrity Reporting, RoT for Storage, RoT for Verification and RoT for Measurement underpinning Device Integrity. Picture: Andrew Regenscheid, NIST/Computer Security Division]
21. STAY TRUSTED: SECURITY DOESN'T STAY STILL

• Boot security is necessary but not sufficient
  ‒ Doesn't account for run-time exploits
  ‒ Good for system FW but doesn't scale to applications
• Security is a dynamic affair. We need to be able to react as quickly as the threats/market
• Platform use cases shouldn't be fixed when the chip leaves the factory
  ‒ Need to be able to add trusted functionality later on
• Security context is best known to the service providers but they do not make hardware.
  ‒ How to anchor their trust chains in hardware at scale?
  ‒ How to encode their use case into general purpose HW?
  ‒ Can you do a whole FW update each time a single app changes? No!
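The two slides above make a pair of claims: a root of trust only works if it is anchored in something immutable that later stages can be checked against (slide 20), and boot-time verification says nothing about what happens once the measured code is running (slide 21). The following Python model, added here and not part of the deck or of any NIST, ARM or Trustonic code, shows both with the NIST roots named on slide 20: a RoT for Verification (a manifest hash pinned in a constructed "ROM") and a RoT for Measurement (a PCR-style register extended with every stage). Stage names, image bytes and the ROM contents are all constructed for the example.

```python
# Added example: hardware-anchored boot chain with verification and
# measurement, then the runtime-change gap that boot measurement cannot see.
import hashlib
import hmac


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def build_manifest(stages) -> bytes:
    """Manifest = expected hash of every stage, in boot order. Only the hash
    of this manifest is pinned in ROM; every later stage is trusted through
    that one hardware-held value."""
    return "\n".join(f"{n}={sha256(img).hex()}" for n, img in stages).encode()


def parse_manifest(manifest: bytes) -> dict:
    return dict(line.split("=", 1) for line in manifest.decode().splitlines())


def make_rom(manifest: bytes) -> dict:
    # Constructed stand-in for mask ROM / fuses: read by boot, never rewritten.
    return {"manifest_hash": sha256(manifest)}


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: the register only moves forward, and its final value
    depends on every measurement and the order in which they arrived."""
    return sha256(pcr + measurement)


def boot(rom: dict, manifest: bytes, stages) -> dict:
    """Measure, then verify, then run each stage. Stops at the first stage
    whose hash differs from the manifest. Returns the event log and PCR."""
    pcr, log = bytes(32), []
    # RoT for Verification: nothing in the manifest is believed until the
    # manifest itself matches the hash held in ROM.
    if not hmac.compare_digest(sha256(manifest), rom["manifest_hash"]):
        return {"ok": False, "failed_at": "manifest", "log": log, "pcr": pcr}
    expected = parse_manifest(manifest)
    for name, image in stages:
        digest = sha256(image)
        pcr = extend(pcr, digest)          # RoT for Measurement: record it
        log.append((name, digest.hex()))
        if expected.get(name) != digest.hex():
            return {"ok": False, "failed_at": name, "log": log, "pcr": pcr}
    return {"ok": True, "failed_at": None, "log": log, "pcr": pcr}


def replay_log(log) -> bytes:
    """What a remote verifier does with a reported log: recompute the PCR and
    compare it with the register value the device reports."""
    pcr = bytes(32)
    for _, digest_hex in log:
        pcr = extend(pcr, bytes.fromhex(digest_hex))
    return pcr


# Constructed boot stages: first-stage loader, TEE image, rich OS kernel.
GOOD_STAGES = [
    ("bl1", b"first-stage bootloader v1"),
    ("tee", b"trusted execution environment v1"),
    ("kernel", b"rich os kernel v1"),
]
MANIFEST = build_manifest(GOOD_STAGES)
ROM = make_rom(MANIFEST)


def demo() -> dict:
    good = boot(ROM, MANIFEST, GOOD_STAGES)
    # A modified kernel image: refused at verification, and the PCR differs.
    tampered = GOOD_STAGES[:2] + [("kernel", b"rich os kernel v1 + implant")]
    bad = boot(ROM, MANIFEST, tampered)
    # Slide 21's caveat: change the kernel in memory after boot. The live
    # image no longer matches what was measured, yet the boot log still
    # replays to the good PCR, so boot-time attestation alone passes.
    memory = {n: bytearray(img) for n, img in GOOD_STAGES}
    memory["kernel"] += b" + runtime implant"
    return {
        "good_ok": good["ok"],
        "bad_ok": bad["ok"],
        "bad_failed_at": bad["failed_at"],
        "pcr_matches_log": replay_log(good["log"]) == good["pcr"],
        "pcr_differs_after_tamper": good["pcr"] != bad["pcr"],
        "live_kernel_matches_log": hashlib.sha256(memory["kernel"]).hexdigest()
        == good["log"][-1][1],
        "boot_attestation_still_passes": replay_log(good["log"]) == good["pcr"],
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The last two fields of `demo()` are the point of slide 21: the verifier's replay of the log still succeeds after the in-memory change, which is why boot security on its own is necessary but not sufficient and why runtime isolation (the TEE material that follows) is needed on top of it.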
23. TRUSTZONE®: HARDWARE BACKED SECURITY FROM ARM

• Separation technology built into ARM Cortex-A processors
• Enables 2 independent process stacks to execute on a single SoC: Normal mode and Secure mode
• Memory and peripherals can be partitioned into secure-only or shared
• Mode separation is enforced by the processor and fabric – stronger than MMU
• Software in Normal World (including attacks!) can't read memory or peripherals that are reserved for Secure World
• It is not magic! Designed to defeat software attacks, not national governments and laserbeams
• Doesn't have any software

[Diagram legend: TZ only, Switchable, Normal]
24. TRUSTED EXECUTION ENVIRONMENT: PRACTICAL SECURITY FOR MOBILE APPLICATIONS

[Diagram: GlobalPlatform TEE architecture. Image: GlobalPlatform]
  Rich OS Application Environment: Client Applications → GlobalPlatform TEE Functional API → GlobalPlatform TEE Client API → Rich OS
  Trusted Execution Environment: Trusted Applications (DRM, Payment, Corporate) → GlobalPlatform TEE Internal API → Trusted Core Environment, Trusted Functions → TEE Kernel
  Hardware Platform: HW Secure Resources (HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc.)

Annotations:
• Primary device environment runs as normal, including other security mechanisms
• GlobalPlatform APIs ensure portability across handsets/platforms
• Security critical code and resources protected by TEE applications
• TEE provides the constant security foundation independent of OS choice
• Control of secure resources
• Integrity and trust underpinned by SoC hardware
25. TRUSTED EXECUTION ENVIRONMENT: PRACTICAL SECURITY FOR MOBILE APPLICATIONS

• TEE combines the platform hardware with software to provide an open environment in which to run security sensitive code for normal applications
• Highly flexible system enables application stakeholders to protect their own functionality
  ‒ Correct context is used
• GlobalPlatform is not the only model
  ‒ But a standard helps with a scalable ecosystem
• Provides simple APIs for cryptography, secure storage etc
• Working towards advanced APIs for things like Trusted User Interface (where applicable)
26. BACKEND TRUST AND ENROLMENT: COMPLETING THE CHAIN OF TRUST

• A well-built TEE provides strong separation of processes on the device
• But as we've seen, systems and trust are bigger than the device
• A remote loading system connected to the Roots Of Trust is essential in order to sustain a chain of trust from Chip to Cloud
• Making it essential to the creation of an ecosystem
• This is not yet standardized but Trustonic operates a backend system connected to an on-chip Root of Trust
27. START TRUSTED, STAY TRUSTED: LIFECYCLE SUPPORT DESIGNED-IN

[Diagram: Secure Kernel beneath three Trusted apps]

• 'Secure boot' from SoC ROM assures integrity of TEE and sensitive data assets
• TEE is given control of secure peripherals, memory regions and trusted apps
• Trusted apps are verified before they can run and access sensitive assets – contextual security
• Normal World can only access trusted apps through published APIs – transaction integrity
• Manufacturing and Backend systems maintain the chain of trust between chip, apps and relying parties
28. WHAT ABOUT TPM? TPM 2.0 PROTOCOL CAN BE SUPPORTED TOO

• TPM 2.0 is an interface specification
• Can co-exist with TEE, or run as an application inside it
  ‒ Or even be a hardware one, if money, space and power allow. Compatible with all models
• Extensive work in the TCG on Firmware TPMs (PCClient group) and Mobile TPMs (Mobile Platforms group) to enable this kind of architecture

[Diagram: REE side: Rich App → TPM Client API → TEE Client API → Mobile OS. TEE side: TEE entry → TA (TPM) and TA → TEE Internal API + TEE trusted UI ++ → Trusted OS. Both sides on Smartphone hardware]
30. CHIP TO CLOUD TRUST: EXAMPLE USE CASE: SIMPLER LOGIN

[Diagram: Open Environment: OTP Launcher, Client API, Rich OS. Trusted Execution Environment: OTP TA (Secure OTP generation, Secure OTP key storage), Trusted User Interface, Secure cryptography, Secure Mass Storage. Both on an ARM TrustZone® enabled SoC]

• Cloud service can have more confidence in the ID claim they receive
• User has the convenience of using their preferred device, and fewer clicks
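Slide 27 states the two properties that make the slide-30 login flow worth more to the cloud service than a code generated in the Rich OS: the OTP trusted application is verified before it may run, and the Normal World reaches it only through a published API, so the OTP key never leaves the TEE. The Python below, added here and not code from the deck, Trustonic or GlobalPlatform, models that flow end to end: a constructed TEE that refuses TA images not on its trusted list, an OTP TA holding a sealed HOTP key (RFC 4226, HMAC-SHA1 with dynamic truncation), a launcher that only ever receives the six-digit code, and a cloud verifier with a small resynchronisation window. The TA image bytes and the provisioned key (the RFC 4226 test key) are constructed values; a real TA is reached through the GlobalPlatform TEE Client API, not Python objects.

```python
# Added example: verify-before-run TEE, OTP trusted application behind a
# single published command, and the cloud-side HOTP verifier.
import hashlib
import hmac

# Constructed provisioning value: the RFC 4226 Appendix D test secret.
PROVISIONED_OTP_KEY = b"12345678901234567890"


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """HOTP per RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic
    truncation to a 31-bit integer reduced modulo 10^digits."""
    mac = hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpTrustedApplication:
    """Runs inside the TEE. Key and counter live only here; the one command
    the Rich OS can invoke returns a code and nothing else."""

    def __init__(self, key: bytes):
        self._key = key
        self._counter = 0

    def invoke(self, command: str, params: dict) -> dict:
        if command == "GENERATE_OTP":
            code = hotp(self._key, self._counter)
            self._counter += 1
            return {"otp": code}
        raise PermissionError(f"unknown command {command!r}")


class TEE:
    """Slide 27: a TA image is loaded only if its hash is on the list the
    secure boot and backend chain installed; Normal World gets invoke() only."""

    def __init__(self, trusted_ta_hashes):
        self._trusted = set(trusted_ta_hashes)
        self._sessions = {}

    def install_ta(self, name: str, image: bytes, factory, key: bytes) -> None:
        if hashlib.sha256(image).hexdigest() not in self._trusted:
            raise PermissionError(f"TA {name!r} failed verification")
        self._sessions[name] = factory(key)

    def invoke(self, ta_name: str, command: str, params: dict = None) -> dict:
        # The published API: the only door from the Normal World into a TA.
        return self._sessions[ta_name].invoke(command, params or {})


class CloudService:
    """Holds the same key. Accepts a small look-ahead window so device and
    server counters may drift by a few codes (RFC 4226 resynchronisation)."""

    def __init__(self, key: bytes, window: int = 3):
        self._key = key
        self._counter = 0
        self._window = window

    def login(self, otp: str) -> bool:
        for c in range(self._counter, self._counter + self._window):
            if hmac.compare_digest(hotp(self._key, c), otp):
                self._counter = c + 1      # never accept this code again
                return True
        return False


# Constructed TA image and the trusted-hash list the chain of trust provides.
OTP_TA_IMAGE = b"otp-ta v1 (constructed image bytes)"
TRUSTED_TA_HASHES = {hashlib.sha256(OTP_TA_IMAGE).hexdigest()}


def run_login_flow() -> dict:
    tee = TEE(TRUSTED_TA_HASHES)
    tee.install_ta("otp", OTP_TA_IMAGE, OtpTrustedApplication, PROVISIONED_OTP_KEY)
    cloud = CloudService(PROVISIONED_OTP_KEY)
    # The OTP Launcher in the Rich OS: it never sees the key, only codes.
    first = tee.invoke("otp", "GENERATE_OTP")["otp"]
    second = tee.invoke("otp", "GENERATE_OTP")["otp"]
    results = {
        "first_otp": first,
        "first_login": cloud.login(first),
        "replay_rejected": not cloud.login(first),
        "second_login": cloud.login(second),
    }
    # A modified image is refused before it can run or touch the key.
    try:
        tee.install_ta("rogue", b"otp-ta v1 (modified)", OtpTrustedApplication,
                       PROVISIONED_OTP_KEY)
        results["rogue_loaded"] = True
    except PermissionError:
        results["rogue_loaded"] = False
    return results


if __name__ == "__main__":
    print(run_login_flow())
```

What the cloud gains is visible in `CloudService.login`: it only has to trust that the key stayed inside the TA, and the TEE's verify-before-run check plus the single published command are what justify that assumption; the Rich OS launcher, the part of the phone most exposed to malware, holds nothing worth stealing.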
31. CHIP TO CLOUD TRUST: OTHER USE CASES

• Flexible identity & access use cases
  ‒ Convert passwords to stronger on-the-wire credentials
  ‒ Also biometrics
• Transaction verification and protection
  ‒ Simpler payments
  ‒ Confidentiality
  ‒ Binding integrity
• Content
  ‒ DRM processing, innovative delivery models
• Enterprise
  ‒ On board credentials for VPN etc
  ‒ BYOD trust anchors
  ‒ Virtual HSM
• Improve user experience
• Provide more innovative services
32. CHIP TO CLOUD TRUST: BENEFITS

• Chip to cloud works both ways
  ‒ The client is increasingly the primary device. Remote service should have to prove itself before the device gives up any sensitive information
  ‒ The flexible architecture of TEE enables these islands of trust to work both ways
• Ability to verify root of trust separately enables greater confidence and unlocks potential for enhanced services and user experience
• Privacy impacts can be limited by separating the key actors in the system: something that can happen naturally
34. AMD AND TRUSTONIC: THE PLATFORM SECURITY PROCESSOR

• The Platform Security Processor (PSP) is a dedicated ARM co-processor within the APU dedicated to providing security functions
• Has its own secure RAM and NV storage
• Can access system memory
• Crypto functionality, including TRNG
• Last month AMD and Trustonic announced a partnership: AMD has licensed the Trustonic TEE to run as the security kernel in the PSP
• Talk to AMD for the PSP roadmap and access for 3rd party security extensions

[Diagram: AMD64 APU containing the PSP, with the TEE inside it (Not to scale!)]
36. WRAPPING UP

1. The mobility trend affects ALL areas of computing
2. Security is DYNAMIC. Need to keep up.
3. HARDWARE trust is needed to defeat SOFTWARE threats
4. A collaborative ECOSYSTEM approach is essential
5. AMD and Trustonic are working together to enable this
40. SESSION ABSTRACT

• TITLE: Trust thy neighbour? Trustworthy multi-tenancy for the modern application ecosystem
• SHORT ABSTRACT: With tales of leaks, hacks and malware on the rise, trust in mobile systems is in short supply these days. In other areas an almost opposite but equally troubling problem exists where walled gardens or security agents seek to keep out the bad guys, but also stifle innovation and invite questions of trust in the motivation and interest of the gardeners.
• This talk looks at recent developments in client-to-cloud trust technology in the ARM mobile device ecosystem and presents a model for both security and control that allows multi-tenancy with confidence. It also covers how AMD have adopted and adapted some of this technology to create a world-leading SoC platform with trust built into the very heart of the chip.